A cross-platform study on IoT malware
T Ban, R Isawa, K Yoshioka… - … Conference on Mobile …, 2018 - ieeexplore.ieee.org
2018 Eleventh International Conference on Mobile Computing and …, 2018•ieeexplore.ieee.org
Attacks on Internet of Things (IoT) devices are on the rise. Lacking basic security monitoring and protection mechanisms, many of these devices are infected with malware and forced to join attack campaigns on the Internet. Effective prevention and mitigation of emerging IoT malware can only be pursued after in-depth analysis of captured malware samples. To enable efficient countermeasures against IoT malware, in this paper we present a multi-level analysis of IoT malware programs based on static and dynamic analysis. To do so, we first use an entropy-based method to differentiate packed malware samples from non-packed ones. Then, characterizing information from static and dynamic analysis is vectorized and examined with t-SNE, which provides a visual hint on the interpretability of the different features. Finally, an efficient classifier, namely a support vector machine (SVM), is applied to the vector representations of the malware for quantitative evaluation. Experiments show that opcode sequences obtained from static analysis provide sufficient discriminant information such that IoT malware can be classified with near-optimal accuracy.